GandCrab 2.1 Ransomware on the Rise with New Spam Campaign
Tags
country: India
attack-pattern: Domains - T1583.001 Domains - T1584.001 Javascript - T1059.007 Malware - T1587.001 Malware - T1588.001
Show in Graph
Common Information
Type Value
UUID c91e076b-b49e-4f8e-a628-c3b732b6b838
Fingerprint a1511079843eefad
Analysis status DONE
Considered CTI value 2
Text language
Published April 25, 2018, midnight
Added to db Jan. 18, 2023, 11:18 p.m.
Last updated Sept. 4, 2024, 9:23 p.m.
Headline GandCrab 2.1 Ransomware on the Rise with New Spam Campaign
Title GandCrab 2.1 Ransomware on the Rise with New Spam Campaign
Detected Hints/Tags/Attributes 46/2/11
Source URLs
Redirection Url
Details Source https://www.fortinet.com/blog/threat-research/gandcrab-2-1-ransomware-on-the-rise-with-new-spam-campaign.html
URL Provider
Details Provider Source level domain
Details fortinet.com www.fortinet.com
Attributes
Details Type #Events CTI Value
Details File 2 
uh.exe
Details sha256 1 
193fa4b3c3d613aad618c700eb728740a76583314eac47c26101f870acacce8d
Details sha256 1 
4ebc543ae92434b44b4969176a84f365ae71e22f434b78b60185eb2f97388b19
Details sha256 1 
711802a21faffde6176e24e453279f805899a8a8e8acb1aa17cbbe939728cf77
Details sha256 1 
9898b8e0a8b1a6ba96b07bc01ecef716cf9c5280f5190467e5da449854e64b22
Details sha256 1 
bf7e29484aebfa7be8877639ea16383d5c4025cbf359d5c2566c98f5e1fccea1
Details sha256 1 
846ad2d7e1e133ae4bc2decbc22ae686a44cccaffbee15b4d9b23143f6aa8d3f
Details sha256 1 
a3e2a45504a3bcf9f96acabb601410e2250165c3d19f2580c50a15bf910f3d9f
Details sha256 1 
339d22b5e02c79cdaa355bb11b063645332d0a2fd43ae78af6577818c4078284
Details IPv4 5 
185.189.58.222
Details Url 2 
http://185.189.58.222/uh.exe